ԜаӀtеr ⅬарсһуnѕkіSSL-using sysadmins note that Chrome will remove trust in Symantec-issued certificates issued before 1 June 2016, including Thwate, VeriSign, Equifax, GeoTrust, RapidSSL. Mozilla just updated their Root Store Policy, but it's not clear that they're doing the same, even though it was their mailing list that identified the problem. They're using a DigiCert certificate (like $work) so at least THEY don't have to worry. Ironically, the Google Security Blog is using a Symantec certificate, albeit a pretty fresh one.
https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
P.S. Let's Encrypt is all good.
All Jonkman Microblog content and data are available under the